To Tor or not to Tor?

rysiek rysiek@hackerspace.pl
Fri Mar 21 03:04:43 PDT 2014


Hi there,

As I am running a local cryptoparty and do a lot of basic encryption/privacy 
talks and workshops, I am often recommending Tor as one of the means of 
protecting one's privacy and yes, even security (for example, by running a 
hidden service and making it possible for users not to leave the darknet).

Of course it's far from being enough, and I make that very clear.

But lately I got to wonder if using Tor does more harm than good? If the NSA 
can impersonate any IP on the planet, they can impersonate any Tor node; tis 
has two important consequences:

1. they know when you're using Tor, and can flag you accordingly, and (for
   example) deliver some nastiness when (not "if"!) they get the chance,
   because "when you have something to hide..."

2. they can guess with high probability whom are you communicating with; they
   don't have to break encryption, it's enough they listen-in and see that a
   Tor packet from your IP to Node A is x bytes; a packet from Node A to Node
   B is x-( header + Tor encryption layer size ) bytes, and so on.

So, is using Tor today doing more harm than good? Would ordinary Joe Schmoes 
be far better of not using Tor? How about more high-profile targets, like 
activists/hacktivists, etc?

-- 
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20140321/d656e97c/attachment.sig>


More information about the cypherpunks mailing list